Lucene search
MitreCVE-2022-30515HistoryNov 08, 2022 - 11:15 p.m.
CVE-2022-30515
2022-11-0823:15:09
CWE-306
mitre
web.nvd.nist.gov
42
4
zkteco
biotime
authentication bypass
unauthorized access
employee photos
cve-2022-30515
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
36.9%
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.
Affected configurations
Node
zktecobiotimeMatch8.5.4
ORzktecobiotimeMatch8.5.5
Social References
More
Related
prion
prion
Authentication flaw
2022-11-08 23:15:00
cvelist
cvelist
CVE-2022-30515
2022-11-08 00:00:00
nvd
nvd
CVE-2022-30515
2022-11-08 23:15:09
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
36.9%
Related for CVE-2022-30515